Tor Strengthening Security With “Selfrando” Technique

According to reports, the Tor project researchers are beefing up the security of their browser so that it is kept safe from hacking attempts made by government investigating agencies such as the FBI.

The security researchers are specifically testing a new technique called “Selfrando” to protect the browser from the exploits of the hackers.

The Tor browser is used by millions of people worldwide as it helps individuals to browse the internet anonymously.

The identity of the user and the location from where the user logs in are masked.

Because of this anonymity, criminals have capitalized on the browser to conduct their activities.

For this reason, the FBI has made several attempts to hack the browser to trap the criminals hiding behind it.

Reports indicate that privacy activists are worried if the FBI is using Tor exploits for other purposes as well.

The Tor project has since gone on the defense and is trying to improve its security features.

The Selfrando Technique

The Tor project researchers are currently working closely with expert security researchers to recreate a toughened version of the Tor browser by incorporating brand new anti-hacking guards and a technique called Selfrando.

As a result of using the new technique, the anonymity of Tor users would be heightened considerably.

Security researchers at Darmstadt University and the University of Padua have published a new paper to this effect.

The Selfrando technique is designed to work against hackers’ common methods of using “code reuse” for attacks.

Malware is commonly designed to exploit memory leaks that reuse code libraries existing in the browser.

Mainly, a lot of the code is rearranged in the application memory to form the malware.

This is easier to accomplish than injecting malicious new code.

Many of the browsers have security features that randomize the location/placement of code libraries in their memory.

However, the security features are not designed to randomize the locations of the function code sets.

The Selfrando technique does just this and significantly improves the security aspects related to randomization of address space layouts (ASLR) currently used by browsers such as Tor, Firefox, etc.

Selfrando works by creating and allocating random address spaces for internal code that is hard to exploit.

There are other advantages to using the Selfrando technique such as an acceptable load time and negligible overheads during run time.

There are not many changes required to support and protect the Tor browser either.

Other techniques that have been tried recently have not fared so well on these aspects.

This new technique is going to be used in the toughened releases of the Tor browser that are forthcoming and soon, the Selfrando technique is likely to be incorporated as a feature in all regular builds of the browser.

This technique is currently undergoing field tests. However, it is interesting to note that some security experts have skeptical views.

Mike Hyponnen, a cyber-security expert, feels that whenever Tor attempts to beef up security aspects to protect the anonymity of its users, there will be a rise in the number of attempts by hackers to de-anonymize the users.

Whereas many of the newly-found techniques do not last for a long period, some researchers are still trying to patch up security loopholes in browsers like Tor that government agencies can hack into.

Disclaimer:

The articles and content found on Dark Web News are for general information purposes only and are not intended to solicit illegal activity or constitute legal advice. Using drugs is harmful to your health and can cause serious problems including death and imprisonment, and any treatment should not be undertaken without medical supervision.

Dark Web News is a publication dedicated to bringing the latest news about TOR, hidden marketplaces, and everything related to the dark web. We work hard to find and report on the most exciting and relevant dark net news. We also offer help and advice on using the dark net safely and securely.